Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it possible to use a mix of Atlassian and SAML accounts?

Chris Imeson
Chris Imeson
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 21, 2018

I am considering setting up SAML authentication on our subscription but we currently have a mix of Internal users and External users using the application.  I'd like Internal users to authenticate using SAML but would still like the possibility of providing contractors access using the Atlassian account.  Is this possible?

Answer
Watch
Like # people like this
3501 views

1 answer

1 accepted

5 votes
Answer accepted
K_ Yamamoto
K_ Yamamoto
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 21, 2018

Hi Chris

It is possible. Here's the authentication flow when you mixed those two authentication options:

  1. When you are trying to login to Atlassian Cloud, the login form asks you to enter your email address first
  2. The login form behaves based on your email address:
    • If the entered email address's domain is verified and its organization enables SAML integration, you will be redirected to the SAML IdP's form
    • If not, you will be asked to enter your Atlassian Cloud's password

 

Screenshot 2018-06-22 10.33.59.png

 

Hope this helps.

View More Comments
Wilfried Jonker
Wilfried Jonker
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 26, 2018

Thank you for the clear and concise response. I was also wondering if this would be possible.

Like
K_ Yamamoto
K_ Yamamoto
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 26, 2018

Glad to hear my response was helpful for you, Wilfried. And thanks for voting up the answer. Please feel free to ask in the community if you have other questions.

Like Johnny Hermann likes this
Damian Egli
Damian Egli October 1, 2019

Hi

but then we can't use User and Group provisioning from Azure to Atlassian Cloud Products as we can't assign external users to our provided groups. Is that correct?

So am I right then, that only SAML work and provisioning of our "internal" ( aka verified domain) users?

 

thanks and regards, Damian

Like
K_ Yamamoto
K_ Yamamoto
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 1, 2019

Hi Damian,

Both are correct. Maybe you want to provide an email address to external users (which can have a different domain from the one for internal users) if you need to manage them with Atlassian Access.

Like
Damian Egli
Damian Egli October 2, 2019

But this Mail Adress we would provide must contain a verfied domain?

Like
K_ Yamamoto
K_ Yamamoto
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 2, 2019

That is correct. You can associate multiple domains with an organization.

Like
M
M
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 19, 2021

Sorry for digging this old question. 

I would like to know, how to associate multiple domains with an organisation?

Secondly, If multiple domains are associated with an organisation, can the external users have their own Jira organisation verified domain?

Like # people like this
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events